www.access.service.gov.uk Open in urlscan Pro
104.111.245.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://online.hmrc.gov.uk/
Effective URL:
https://www.access.service.gov.uk/login/signin/creds
Submission: On January 09 via manual (January 9th 2020, 12:02:14 pm UTC) from GB

Summary HTTP 20 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 20 HTTP transactions. The main IP is 104.111.245.41, located in Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.access.service.gov.uk.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on September 12th 2019. Valid for: 2 years.

This is the only time www.access.service.gov.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 6	23.38.52.254 23.38.52.254	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 17	104.111.245.41 104.111.245.41	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
20	4

6 23.38.52.254 (Netherlands) 6 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-38-52-254.deploy.static.akamaitechnologies.com

online.hmrc.gov.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tax.service.gov.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.111.245.41 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-245-41.deploy.static.akamaitechnologies.com

www.access.service.gov.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	service.gov.uk 5 redirects www.tax.service.gov.uk www.access.service.gov.uk	289 KB
3	google-analytics.com www.google-analytics.com	18 KB
2	hmrc.gov.uk 2 redirects online.hmrc.gov.uk	322 B
1	googletagmanager.com www.googletagmanager.com	27 KB
20	4

	Domain	Requested by
17	www.access.service.gov.uk	1 redirects www.access.service.gov.uk www.google-analytics.com
4	www.tax.service.gov.uk	4 redirects
3	www.google-analytics.com	www.googletagmanager.com www.access.service.gov.uk
2	online.hmrc.gov.uk	2 redirects
1	www.googletagmanager.com	www.access.service.gov.uk
20	5

This site contains links to these domains. Also see Links.

Domain
www.gov.uk
docs.google.com
www.nationalarchives.gov.uk

Subject Issuer	Validity	Valid
www.access.service.gov.uk DigiCert SHA2 Extended Validation Server CA	`2019-09-12` - `2021-09-11`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-12-10` - `2020-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.access.service.gov.uk/login/signin/creds
Frame ID: 86BFDE240270702E6EA3D140742BE7A0
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://online.hmrc.gov.uk/ HTTP 302
https://online.hmrc.gov.uk/home HTTP 302
https://www.tax.service.gov.uk/home HTTP 302
https://www.tax.service.gov.uk/home/ HTTP 302
https://www.tax.service.gov.uk/gg/sign-in?continue=%2Fhome%2F HTTP 303
https://www.tax.service.gov.uk/bas-gateway/sign-in?continue_url=%2Fhome%2F&origin= HTTP 303
https://www.access.service.gov.uk/authorize?client_id=qLpLcsAsJMK7hcJrR9pqsEV34CwhJN&response_type=code&scope=... HTTP 302
https://www.access.service.gov.uk/login/signin/creds Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

495 kB
Transfer

711 kB
Size

10
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gov.uk/
Title: GOV.UK

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSd1hEUh1iZccBzd7Fgk26nt-qoqLmzXI-Q7FM6rXyElymkCnA/viewform
Title: feedback

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/
Title: Open Government Licence

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/copyright-and-re-use/crown-copyright/
Title: © Crown copyright

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://online.hmrc.gov.uk/ HTTP 302
https://online.hmrc.gov.uk/home HTTP 302
https://www.tax.service.gov.uk/home HTTP 302
https://www.tax.service.gov.uk/home/ HTTP 302
https://www.tax.service.gov.uk/gg/sign-in?continue=%2Fhome%2F HTTP 303
https://www.tax.service.gov.uk/bas-gateway/sign-in?continue_url=%2Fhome%2F&origin= HTTP 303
https://www.access.service.gov.uk/authorize?client_id=qLpLcsAsJMK7hcJrR9pqsEV34CwhJN&response_type=code&scope=openid&redirect_uri=https://www.tax.service.gov.uk/bas-gateway/login&nonce=8baffd2d-c39c-4b84-92ad-c017ae888fcf&state=5e17163422000096095fedc3&ui_locales=en-GB&max_age=0&custom1=session-756534f9-b739-43bc-877a-c70f7c79e6fb&acr_values=acr-gg-x HTTP 302
https://www.access.service.gov.uk/login/signin/creds Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set creds Show response
www.access.service.gov.uk/login/signin/
Redirect Chain

https://online.hmrc.gov.uk/
https://online.hmrc.gov.uk/home
https://www.tax.service.gov.uk/home
https://www.tax.service.gov.uk/home/
https://www.tax.service.gov.uk/gg/sign-in?continue=%2Fhome%2F
https://www.tax.service.gov.uk/bas-gateway/sign-in?continue_url=%2Fhome%2F&origin=
https://www.access.service.gov.uk/authorize?client_id=qLpLcsAsJMK7hcJrR9pqsEV34CwhJN&response_type=code&scope=openid&redirect_uri=https://www.tax.service.gov.uk/bas-gateway/login&nonce=8baffd2d-c39...
https://www.access.service.gov.uk/login/signin/creds

9 KB
5 KB

225ms
225ms

Document
text/html

104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5d01eabd4311bb1b3c4dad06f45b3fe59ada17c95b8939740aecf0e07e33beca

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self'; font-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' data:; base-uri 'none'; img-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: www.access.service.gov.uk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Accept-Encoding: gzip, deflate, br
Cookie: wsc=e2d7fa57e75501eff132a09e8631b1477ed1281c3720df22add9ead0761f5cce; basdi=basdi#f81d88a5-0be7-41dc-bf8f-8486ca52835c#1578571316209_1C9FZoFlAE96I1+/00jxZQ==; lang=en-GB; apsc=eyJhbGciOiJIUzI1NiJ9.eyJuYmYiOjE1Nzg1NzEzMTYsImRhdGEiOnsic2Vzc2lvbklkIjoic2Vzc2lvbi03NTY1MzRmOS1iNzM5LTQzYmMtODc3YS1jNzBmN2M3OWU2ZmIifSwiaWF0IjoxNTc4NTcxMzE2fQ.XNbRLGXzs2uLebKOgzLuDMdTuVIXiVJqCLIjgA_Ln0M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User: ?1

Response headers

Content-Type: text/html; charset=UTF-8
Server: nginx
Pragma: no-cache
Cache-Control: no-cache, no-store
Referrer-Policy: strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self'; font-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' data:; base-uri 'none'; img-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Strict-Transport-Security: max-age=31536000
X-Permitted-Cross-Domain-Policies: master-only
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Length: 3646
Connection: keep-alive
Set-Cookie: basdi=basdi#f81d88a5-0be7-41dc-bf8f-8486ca52835c#1578571316209_1C9FZoFlAE96I1+/00jxZQ==; Max-Age=315360000; Expires=Sun, 06 Jan 2030 12:01:56 GMT; Path=/; Secure; HTTPOnly CSRF-Token=6eaba63328cfb2f93b13b8bdf73121c95eb52816-1578571316526-c3ddf3e0ce3ec75657f1d9af; SameSite=Lax; Path=/; Secure; HTTPOnly

Redirect headers

Content-Length: 0
Server: nginx
Location: /login/signin/creds
Cache-Control: no-store
Pragma: no-cache
Date: Thu, 09 Jan 2020 12:01:56 GMT
Connection: keep-alive
Set-Cookie: wsc=e2d7fa57e75501eff132a09e8631b1477ed1281c3720df22add9ead0761f5cce; Path=/; Secure; HttpOnly basdi=basdi#f81d88a5-0be7-41dc-bf8f-8486ca52835c#1578571316209_1C9FZoFlAE96I1+/00jxZQ==; Expires=Mon, 13 Jan 2020 03:37:56 GMT; Path=/; Secure; HttpOnly lang=en-GB; Path=/; Secure; HttpOnly apsc=eyJhbGciOiJIUzI1NiJ9.eyJuYmYiOjE1Nzg1NzEzMTYsImRhdGEiOnsic2Vzc2lvbklkIjoic2Vzc2lvbi03NTY1MzRmOS1iNzM5LTQzYmMtODc3YS1jNzBmN2M3OWU2ZmIifSwiaWF0IjoxNTc4NTcxMzE2fQ.XNbRLGXzs2uLebKOgzLuDMdTuVIXiVJqCLIjgA_Ln0M; Path=/; Secure; HttpOnly

GET
H/1.1 200
OK template.css
www.access.service.gov.uk/assets/stylesheets/ 16 KB
3 KB 29ms
29ms Stylesheet
text/css 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/stylesheets/template.css

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cd72e82db2f016e976af713dfef84a8c602b93affee37ddc5591bf7be4c1675a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-41ba"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=12664
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 2770
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK elements.css
www.access.service.gov.uk/assets/stylesheets/ 42 KB
6 KB 60ms
30ms Stylesheet
text/css 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/stylesheets/elements.css

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

2a9599ee6421987d7d6437e4ca99cbbad253da33193a3bf9a2d48bd17b73f52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-a95b"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=69987
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 5458
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fonts.css
www.access.service.gov.uk/assets/stylesheets/ 267 KB
196 KB 90ms
43ms Stylesheet
text/css 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/stylesheets/fonts.css

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cf1fada327a5f6ea0ea7362531f06aa590e6572a65395123bcf0f5fe3848bad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-42b7f"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=67171
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 200137
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK local-overrides.css
www.access.service.gov.uk/assets/stylesheets/ 6 KB
2 KB 76ms
28ms Stylesheet
text/css 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/stylesheets/local-overrides.css?v=1.50.0

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b7dec77c8c1c94554075d6b5fe37608eeb28ce2d0032fa839511d98d25e21413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-1927"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=77899
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1924
X-XSS-Protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 73 KB
27 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:816::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-107263333-1,UA-145652997-1

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ac3b9ce537968439bf752e1ed9d7e5383330eb8ae4bbbc6745923e076079dcf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.access.service.gov.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Thu, 09 Jan 2020 12:01:56 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 27826
x-xss-protection: 0
expires: Thu, 09 Jan 2020 12:01:56 GMT

GET
H/1.1 200
OK page-start.js Show response
www.access.service.gov.uk/assets/javascripts/ 2 KB
1 KB 77ms
27ms Script
application/javascript 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/javascripts/page-start.js?v=1.50.0

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

41ee89eb2f5336e4d111b53deed6975a452869b5592606c84d6a26e976ab281c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-8c7"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=67041
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 636
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK gov.uk_logotype_crown_invert_trans.png
www.access.service.gov.uk/assets/images/ 1 KB
1 KB 79ms
30ms Image
image/png 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.access.service.gov.uk/assets/images/gov.uk_logotype_crown_invert_trans.png

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

203e1db49d3eff430d7dc450ce723c1002542fe1d2bce661b6d8571f14c1043c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-419"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=68046
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1049
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK CData.js Show response
www.access.service.gov.uk/login/assets/javascripts/ 34 KB
35 KB 97ms
77ms Script
application/javascript 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/login/assets/javascripts/CData.js

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e31924058df0daa2632c283b1cefaebce7b74a432b949d01735468fcbe18ac35

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-DNwncHwagqerSMUWpNhCQw==' 'self'; font-src 'nonce-DNwncHwagqerSMUWpNhCQw==' data:; base-uri 'none'; img-src 'nonce-DNwncHwagqerSMUWpNhCQw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-DNwncHwagqerSMUWpNhCQw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-DNwncHwagqerSMUWpNhCQw==' 'self'; font-src 'nonce-DNwncHwagqerSMUWpNhCQw==' data:; base-uri 'none'; img-src 'nonce-DNwncHwagqerSMUWpNhCQw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-DNwncHwagqerSMUWpNhCQw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 03 Jan 2020 16:48:16 GMT
Server: nginx
X-Frame-Options: DENY
ETag: "f4e0a9e9aa913203745accc94cd258e94a75bdbb"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript; charset=UTF-8
X-Permitted-Cross-Domain-Policies: master-only
Date: Thu, 09 Jan 2020 12:01:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34562
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK device-reputation.js Show response
www.access.service.gov.uk/login/assets/javascripts/ 18 KB
19 KB 67ms
67ms Script
application/javascript 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/login/assets/javascripts/device-reputation.js

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1eb889a0056afde014bc3d573b6462b07ed5f0bd96863e0889885a8c07231633

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' 'self'; font-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' data:; base-uri 'none'; img-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Security-Policy: connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' 'self'; font-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' data:; base-uri 'none'; img-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-IrHxVvXNJTWFnVWqxaoU0w==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Fri, 03 Jan 2020 16:48:16 GMT
Server: nginx
X-Frame-Options: DENY
ETag: "699e9fdb66310515b0272cf86bbbfc4970da6be8"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript; charset=UTF-8
X-Permitted-Cross-Domain-Policies: master-only
Date: Thu, 09 Jan 2020 12:01:56 GMT
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18497
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK govuk-template.js Show response
www.access.service.gov.uk/assets/javascripts/ 3 KB
1 KB 28ms
28ms Script
application/javascript 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/javascripts/govuk-template.js

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

39cac79954030c822724fa54cc2f647416c4219883fe648eba580825db8032eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-ba7"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=66368
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1010
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK page-complete.js Show response
www.access.service.gov.uk/assets/javascripts/ 24 KB
7 KB 39ms
39ms Script
application/javascript 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/javascripts/page-complete.js?v=1.50.0

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0e33307879cb359ef12247e1ac2eb81cc2385bfb01c3380f2a0f754f60f070a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-5f05"
X-Frame-Options: deny
Content-Type: application/javascript
Cache-Control: max-age=60770
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 6417
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK template-print.css
www.access.service.gov.uk/assets/stylesheets/ 1 KB
1022 B 27ms
27ms Stylesheet
text/css 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/assets/stylesheets/template-print.css

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

492cd1dc74f35fd33fe2c63cff01ef3804ccbf00f106e1e081d14758c6c6df64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-554"
X-Frame-Options: deny
Content-Type: text/css
Cache-Control: max-age=74834
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 576
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-107263333-1,UA-145652997-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.access.service.gov.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5301
date: Thu, 09 Jan 2020 10:33:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Thu, 09 Jan 2020 12:33:35 GMT

GET
H/1.1 200
OK gov.uk_logotype_crown.png
www.access.service.gov.uk/assets/stylesheets/images/ 1 KB
2 KB 29ms
28ms Image
image/png 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.access.service.gov.uk/assets/stylesheets/images/gov.uk_logotype_crown.png

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ea874a79e09423d63420aff44f016fd0b92dc6dec0cc2668d63b150c8669875e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/assets/stylesheets/template.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-587"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=68009
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1415
X-XSS-Protection: 1; mode=block

GET
DATA 200
OK truncated
/ 94 KB
94 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.access.service.gov.uk

Response headers

Content-Type: application/font-woff

GET
DATA 200
OK truncated
/ 71 KB
71 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin: https://www.access.service.gov.uk

Response headers

Content-Type: application/font-woff

GET
H/1.1 200
OK open-government-licence.png
www.access.service.gov.uk/assets/stylesheets/images/ 761 B
1 KB 27ms
27ms Image
image/png 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.access.service.gov.uk/assets/stylesheets/images/open-government-licence.png

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/assets/stylesheets/template.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-2f9"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=66318
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 761
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK govuk-crest.png
www.access.service.gov.uk/assets/stylesheets/images/ 4 KB
4 KB 27ms
27ms Image
image/png 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.access.service.gov.uk/assets/stylesheets/images/govuk-crest.png

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/assets/stylesheets/template.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Thu, 09 Jan 2020 12:01:56 GMT
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 06 Jan 2020 17:13:46 GMT
Server: nginx
ETag: "5e136aca-e00"
X-Frame-Options: deny
Content-Type: image/png
Cache-Control: max-age=37514
X-Content-Type-Options: nosniff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3584
X-XSS-Protection: 1; mode=block

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1192170774&t=pageview&_s=1&dl=https%3A%2F%2Fwww.access.service.gov.uk%2Flogin%2Fsignin%2Fcreds&ul=en-us&de=UTF-8&dt=Sign%20in%20using%20Government%20Gateway%20-%20GOV.UK&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=929135604&gjid=398133199&cid=1248068523.1578571317&tid=UA-107263333-1&_gid=106319194.1578571317&_r=1&gtm=2ouc61&z=687366366

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.access.service.gov.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jan 2020 12:01:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&aip=1&a=1192170774&t=pageview&_s=1&dl=https%3A%2F%2Fwww.access.service.gov.uk%2Flogin%2Fsignin%2Fcreds&ul=en-us&de=UTF-8&dt=Sign%20in%20using%20Government%20Gateway%20-%20GOV.UK&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IGDACUABB~&jid=1275051222&gjid=1711819124&cid=1248068523.1578571317&tid=UA-145652997-1&_gid=106319194.1578571317&_r=1&gtm=2ouc61&z=2037355274

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/login/signin/creds

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.access.service.gov.uk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Jan 2020 12:01:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content web-chat-configuration Show response
www.access.service.gov.uk/help/assist/ 0
1 KB 56ms
56ms XHR
text/plain 104.111.245.41
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://www.access.service.gov.uk/help/assist/web-chat-configuration

Requested by

Host: www.access.service.gov.uk
URL: https://www.access.service.gov.uk/assets/javascripts/page-complete.js?v=1.50.0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.245.41 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-111-245-41.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-ap/furIrAtv/lAMICxtZCw==' 'self'; font-src 'nonce-ap/furIrAtv/lAMICxtZCw==' data:; base-uri 'none'; img-src 'nonce-ap/furIrAtv/lAMICxtZCw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-ap/furIrAtv/lAMICxtZCw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.access.service.gov.uk/login/signin/creds
Origin: https://www.access.service.gov.uk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-type: application/json

Response headers

Pragma: no-cache
Content-Security-Policy: connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-ap/furIrAtv/lAMICxtZCw==' 'self'; font-src 'nonce-ap/furIrAtv/lAMICxtZCw==' data:; base-uri 'none'; img-src 'nonce-ap/furIrAtv/lAMICxtZCw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-ap/furIrAtv/lAMICxtZCw==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Strict-Transport-Security: max-age=31536000
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx
Date: Thu, 09 Jan 2020 12:01:56 GMT
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: master-only
Cache-Control: no-cache, no-store
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.access.service.gov.uk/	1970-01-19 07:09:50	Name: seen_cookie_message Value: yes
.access.service.gov.uk/	1970-01-19 06:30:57	Name: _basga_gid Value: GA1.4.106319194.1578571317
.access.service.gov.uk/	1970-01-19 06:29:31	Name: _gat_gtag_UA_107263333_1 Value: 1
www.access.service.gov.uk/	1969-12-31 23:59:59	Name: CSRF-Token Value: 6eaba63328cfb2f93b13b8bdf73121c95eb52816-1578571316526-c3ddf3e0ce3ec75657f1d9af
www.access.service.gov.uk/	1969-12-31 23:59:59	Name: apsc Value: eyJhbGciOiJIUzI1NiJ9.eyJuYmYiOjE1Nzg1NzEzMTYsImRhdGEiOnsic2Vzc2lvbklkIjoic2Vzc2lvbi03NTY1MzRmOS1iNzM5LTQzYmMtODc3YS1jNzBmN2M3OWU2ZmIifSwiaWF0IjoxNTc4NTcxMzE2fQ.XNbRLGXzs2uLebKOgzLuDMdTuVIXiVJqCLIjgA_Ln0M
.access.service.gov.uk/	1970-01-19 06:29:31	Name: _gat_gtag_UA_145652997_1 Value: 1
.access.service.gov.uk/	1970-01-20 00:00:43	Name: _basga Value: GA1.4.1248068523.1578571317
www.access.service.gov.uk/	1969-12-31 23:59:59	Name: wsc Value: e2d7fa57e75501eff132a09e8631b1477ed1281c3720df22add9ead0761f5cce
www.access.service.gov.uk/	1969-12-31 23:59:59	Name: lang Value: en-GB
www.access.service.gov.uk/	1970-01-22 22:05:31	Name: basdi Value: basdi#f81d88a5-0be7-41dc-bf8f-8486ca52835c#1578571316209_1C9FZoFlAE96I1+/00jxZQ==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' https://www.google-analytics.com/ wss://mpsnare.iesnare.com/; default-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self'; font-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' data:; base-uri 'none'; img-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/; object-src 'none'; script-src 'nonce-7h+PJScNWIHMUUAb0P0FkQ==' 'self' https://www.googletagmanager.com/ https://www.google-analytics.com/ https://mpsnare.iesnare.com/
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

online.hmrc.gov.uk
www.access.service.gov.uk
www.google-analytics.com
www.googletagmanager.com
www.tax.service.gov.uk
104.111.245.41
23.38.52.254
2a00:1450:4001:808::200e
2a00:1450:4001:816::2008
01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba
048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30
0e33307879cb359ef12247e1ac2eb81cc2385bfb01c3380f2a0f754f60f070a3
1eb889a0056afde014bc3d573b6462b07ed5f0bd96863e0889885a8c07231633
203e1db49d3eff430d7dc450ce723c1002542fe1d2bce661b6d8571f14c1043c
2a9599ee6421987d7d6437e4ca99cbbad253da33193a3bf9a2d48bd17b73f52b
39cac79954030c822724fa54cc2f647416c4219883fe648eba580825db8032eb
41ee89eb2f5336e4d111b53deed6975a452869b5592606c84d6a26e976ab281c
492cd1dc74f35fd33fe2c63cff01ef3804ccbf00f106e1e081d14758c6c6df64
5d01eabd4311bb1b3c4dad06f45b3fe59ada17c95b8939740aecf0e07e33beca
6ac3b9ce537968439bf752e1ed9d7e5383330eb8ae4bbbc6745923e076079dcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
b7dec77c8c1c94554075d6b5fe37608eeb28ce2d0032fa839511d98d25e21413
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
c1aedc8257961b938b4c7a21a2b0db3f2716dd9ef782cea73110dc69107c9042
cd72e82db2f016e976af713dfef84a8c602b93affee37ddc5591bf7be4c1675a
cf1fada327a5f6ea0ea7362531f06aa590e6572a65395123bcf0f5fe3848bad8
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e31924058df0daa2632c283b1cefaebce7b74a432b949d01735468fcbe18ac35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea874a79e09423d63420aff44f016fd0b92dc6dec0cc2668d63b150c8669875e

www.access.service.gov.uk Open in urlscan Pro 104.111.245.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

495 kBTransfer

711 kBSize

10 Cookies

4 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

10 Cookies

Security Headers

Indicators

www.access.service.gov.uk Open in urlscan Pro
104.111.245.41 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

495 kB
Transfer

711 kB
Size

10
Cookies

20 HTTP transactions
2 data transactions